package com.yuyue.dronesystem.configs;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.SecurityBuilder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.WebSecurityConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * MySecurityConfig
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MySecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // http.csrf().disable();
        http.csrf().ignoringAntMatchers("/druid/*");
        http.authorizeRequests().antMatchers("/main/**").hasRole("USER");
        http.formLogin().loginPage("/login").loginProcessingUrl("/action/login").defaultSuccessUrl("/main");
    }

    // @Override
    // protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    //     auth.inMemoryAuthentication()
    //         .passwordEncoder(passwordEncoder())
    //         .withUser("admin")
    //         .password(passwordEncoder().encode("123456"))
    //         .roles("ADMIN","USER");
    //     auth.inMemoryAuthentication()
    //         .passwordEncoder(passwordEncoder())
    //         .withUser("user")
    //         .password(passwordEncoder().encode("1234567"))
    //         .roles("USER");
    // }

    @Bean 
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}